How does bitcoin core discover own IP, which is then reported to new peers inside the version messages?
I think these days it's just by the value reported from the connected peers - is that right?
And then, if it has a wrong IP (of some malicious node), how could it affect the chance of other nodes to connect to that malicious one?
It doesn't effect anything. The only time those addresses are used is by by the peer when it generates an address broadcast message back to the specific peer that gave it that address.
I believe those same IPs were advertising classic for months before and XT before that. I think many people have blocked them or even all of amazon from their node for a long time.
These nodes seem to be getting advantage on how often they are connected to, as their "victims" advertise their IP as own.
No such advantage. You don't advertise that other nodes IP to anyone else except potentially that peer itself.